[Dovecot] dovecot 0.99.14 and imaps (SSL) "hangs"
Hello,
I just decided to try dovecot again after a long pause, and I must say that I am very impressed with the speed and resource usage, even when running with UNIX mailboxes.
However, I have a problem with SSL. Every two minutes the connection is frozen, and the client has to reconnect after it times out waiting for a response from the server.
My IMAP client fetches all headers, and then caches all messages in my mailboxes. However, if I do this while connected to dovecot using SSL (imaps, port 993) the connection times out roughly every two minutes, and the IMAP client must close the connection, reconnect and resume operations from where it left off. This makes resynching a 40000 message 300MB folder take VERY long :-)
Using the same client, connected to the same server and syncing the same mailbox connecting to regular imap port (no TLS, port 143), everything works smoothly.
The very same client, server and mailbox works flawlessly with uw-imapd and SSL.
I have turned on rawlog, and everything seems to be OK. I am unable to dump the wire, because it's SSL, so not sure what to do to debug this.
One thing I find a bit strange is that /var/run/dovecot/ssl-parameters.dat is a 0 byte file. Is this normal?
Client: Apple Mail 1.3.11 (v622) Server: dovecot 0.99.14, installed from ports on FreeBSD 5 dovecot.conf:
Regards, Frode Nordahl
Have you tried another client?
/jon
Frode Nordahl said the following on 2005-05-07 14:02:
Hello,
I just decided to try dovecot again after a long pause, and I must say that I am very impressed with the speed and resource usage, even when running with UNIX mailboxes.
However, I have a problem with SSL. Every two minutes the connection is frozen, and the client has to reconnect after it times out waiting for a response from the server.
My IMAP client fetches all headers, and then caches all messages in my mailboxes. However, if I do this while connected to dovecot using SSL (imaps, port 993) the connection times out roughly every two minutes, and the IMAP client must close the connection, reconnect and resume operations from where it left off. This makes resynching a 40000 message 300MB folder take VERY long :-)
Using the same client, connected to the same server and syncing the same mailbox connecting to regular imap port (no TLS, port 143), everything works smoothly.
The very same client, server and mailbox works flawlessly with uw-imapd and SSL.
I have turned on rawlog, and everything seems to be OK. I am unable to dump the wire, because it's SSL, so not sure what to do to debug this.
One thing I find a bit strange is that /var/run/dovecot/ssl-parameters.dat is a 0 byte file. Is this normal?
Client: Apple Mail 1.3.11 (v622) Server: dovecot 0.99.14, installed from ports on FreeBSD 5 dovecot.conf:
On May 7, 2005, at 18:16, Jon wrote:
Have you tried another client?
No, but that is somewhat besides the point. I want it to work with this client.
Mvh, Frode
/jon
Frode Nordahl said the following on 2005-05-07 14:02:
Hello,
I just decided to try dovecot again after a long pause, and I must say that I am very impressed with the speed and resource usage, even when running with UNIX mailboxes.
However, I have a problem with SSL. Every two minutes the connection is frozen, and the client has to reconnect after it times out waiting for a response from the server.
My IMAP client fetches all headers, and then caches all messages in my mailboxes. However, if I do this while connected to dovecot using SSL (imaps, port 993) the connection times out roughly every two minutes, and the IMAP client must close the connection, reconnect and resume operations from where it left off. This makes resynching a 40000 message 300MB folder take VERY long :-)
Using the same client, connected to the same server and syncing the same mailbox connecting to regular imap port (no TLS, port 143), everything works smoothly.
The very same client, server and mailbox works flawlessly with uw-imapd and SSL.
I have turned on rawlog, and everything seems to be OK. I am unable to dump the wire, because it's SSL, so not sure what to do to debug this.
One thing I find a bit strange is that /var/run/dovecot/ssl-parameters.dat is a 0 byte file. Is this normal?
Client: Apple Mail 1.3.11 (v622) Server: dovecot 0.99.14, installed from ports on FreeBSD 5 dovecot.conf:
Hi,
I have turned on rawlog, and everything seems to be OK. I am unable to dump the wire, because it's SSL, so not sure what to do to debug this.
Since you know the private key of the server (I assume you run it yourself), you can use ssldump to dump the traffic (use ssldump -k keyfile -d to decode the traffic with the private key in PEM format)
johannes
On May 7, 2005, at 20:49, Johannes Berg wrote:
Hi,
I have turned on rawlog, and everything seems to be OK. I am unable to dump the wire, because it's SSL, so not sure what to do to debug this.
Since you know the private key of the server (I assume you run it yourself), you can use ssldump to dump the traffic (use ssldump -k keyfile -d to decode the traffic with the private key in PEM format)
Great! I have been looking (obviously not hard enough) for something like that. Thanks!
Regards, Frode
johannes
On Sat, May 07, 2005 at 02:02:21PM +0200, Frode Nordahl wrote:
However, I have a problem with SSL. Every two minutes the connection is frozen, and the client has to reconnect after it times out waiting for a response from the server. [...] Client: Apple Mail 1.3.11 (v622) Server: dovecot 0.99.14, installed from ports on FreeBSD 5
Many of us have had problems with the version of Apple Mail that was distributed with OS X 10.3.9 using SSL connections to a variety of different IMAP servers, including Dovecot.
Fortunately Mail.app Version 2 (727/728) distributed with OS 10.4 doesn't exhibit the same problem.
If you aren't ready to upgrade, I would recommend trying another client. Mulberry V4.0 is shaping up quite nicely.
-- Jim Tittsler http://www.OnJapan.net/ GPG: 0x01159DB6 Python Starship http://Starship.Python.net/ Ringo MUG Tokyo http://www.ringo.net/rss.html
On May 8, 2005, at 2:09, Jim Tittsler wrote:
Many of us have had problems with the version of Apple Mail that was distributed with OS X 10.3.9 using SSL connections to a variety of different IMAP servers, including Dovecot.
Do you think this is caused by a openssl upgrade or similar, or changes in Mail.app?
Fortunately Mail.app Version 2 (727/728) distributed with OS 10.4 doesn't exhibit the same problem.
Cool, I'm getting my copy as soon as Apple Ireland get their act together! :-)
If you aren't ready to upgrade, I would recommend trying another client. Mulberry V4.0 is shaping up quite nicely.
It works with UW-IMAP! (TM) :-).
But seriously, any client incompability is a problem for me, as I am evaluating for deployment in a largish ISP.
I'm also having some issues with slow download speeds when fetching a lot of message headers or message bodies (compared to UW-IMAPD with MBX). SELECT and SEARCH is VERY swift though.
I'll install dovecot on a test server and try to figure out what's going on.
Regards,
Frode Nordahl
-- Jim Tittsler http://www.OnJapan.net/ GPG: 0x01159DB6 Python Starship http://Starship.Python.net/ Ringo MUG Tokyo http://www.ringo.net/rss.html
On May 8, 2005, at 09:27, Frode Nordahl wrote:
On May 8, 2005, at 2:09, Jim Tittsler wrote:
Many of us have had problems with the version of Apple Mail that was distributed with OS X 10.3.9 using SSL connections to a variety of different IMAP servers, including Dovecot.
Do you think this is caused by a openssl upgrade or similar, or
changes in Mail.app?
I don't know. I think the Apple bug reporter exchanges are covered
by NDA. I encourage you to list your own bug against Mail.app.
There have been public reports of this symptom with at least Courier,
Dovecot (0.99 and 1.0), and MyRealBox SSL connections. Sometimes
clicking on another application or the desktop and then back on
Mail.app can wake it up. Or selecting another message in the mailbox
and then going back to the new one it is having trouble reading
works. (If you watch the logs, you'll see it log in again.)
-- Jim Tittsler http://www.OnJapan.net/ GPG: 0x01159DB6 Python Starship http://Starship.Python.net/ Ringo MUG Tokyo http://www.ringo.net/rss.html
On Sat, 2005-05-07 at 14:02 +0200, Frode Nordahl wrote:
One thing I find a bit strange is that /var/run/dovecot/ssl-parameters.dat is a 0 byte file. Is this normal?
Yes, it's for GNUTLS although I think I should do something similar to OpenSSL too..
Server: dovecot 0.99.14, installed from ports on FreeBSD 5
I'd recommend trying 1.0-stables (or 1.0-tests even) instead. Their code is almost completely different from 0.99.x.
participants (6)
-
Frode Nordahl
-
Jim Tittsler
-
Jim Tittsler
-
Johannes Berg
-
Jon
-
Timo Sirainen